Forum Discussion
larsuhartmann
Aug 03, 2022 Copper Contributor
mdi sensor can't connect to domain
I set up mdi and am getting the following error in the logs:
2022-08-03 07:00:49.2776 Debug DirectoryServicesClient SetState Creating
2022-08-03 07:00:49.3401 Info RemoteImpersonationManager Create...
larsuhartmann
Aug 03, 2022 Copper Contributor
I found a solution: adding the gMSA Account to the "Domain Users" Group seems to have fixed it!
- cjohnston Sep 07, 2022 Brass Contributor
larsuhartmann
We are seeing the same error
2022-09-07 16:16:35.2886 Error DirectoryServicesClient+<CreateLdapConnectionAsync>d__47 RunPeriodic <RegisterPeriodicTask>b__1 failed Microsoft.Tri.Infrastructure.ExtendedException: CreateLdapConnectionAsync failed [DomainControllerDnsName=OURDC.COM]
and can also verify that we are using a gMSA which has access to the DC - From the logs
2022-09-07 16:16:34.0854 Info DirectoryServicesClient CreateLdapConnectionAsync connected successfully [DomainControllerDnsName=ourdc.domain.com Domain=Ourdomain UserName=OurgMSA ]
2022-09-07 16:16:34.1635 Info LocalImpersonationManager CreateImpersonatorInternalAsync started [UserName=OurgMSA Domain=Ourdomain IsGroupManagedServiceAccount=True]
2022-09-07 16:16:34.1948 Info LocalImpersonationManager GetGroupManagedServiceAccountTokenAsync finished [UserName=OurgMSA Domain=Ourdomain IsSuccess=True]
2022-09-07 16:16:34.1948 Info LocalImpersonationManager CreateImpersonatorInternalAsync finished [UserName=OurgMSA Domain=Ourdomain]
2022-09-07 16:16:34.1948 Debug GroupPolicyHelper GetKerberosPolicy started [domainDnsName=Ourdomain.org]
2022-09-07 16:16:34.2104 Debug GroupPolicyHelper GetKerberosPolicy finished [domainDnsName=Ourdomain.org MaxTicketAge=10 MaxRenewAge=7]
2022-09-07 16:16:34.2104 Info DirectoryServicesClient CreateLdapConnectionAsync connected successfully [DomainControllerDnsName=ourdc.domain.com Domain=Ourdomain UserName=OurgMSA ]
2022-09-07 16:16:34.3510 Info DirectoryServicesResolver CreateDomainAsync created domain DC=Ourdomain,DC=org
2022-09-07 16:16:34.3667 Info DirectoryServicesClient CreateLdapConnectionAsync connected successfully [DomainControllerDnsName=ourdc.domain.com Domain=Ourdomain UserName=OurgMSA ]
We're going to try adding the gMSA to the Domain Users group, but wanted to get confirmation that this isn't a security issue.